Citrix ADC ранее известный как NetScaler

NavigationChange LogCitrix ADC Firewall RulesCitrix ADM Firewall RulesCitrix Virtual Apps and Desktops Firewall RulesCitrix Provisioning Firewall RulesSee CTX101810 Communication Ports Used by Citrix Technologies💡 = Recently UpdatedChange Log2020 Nov 13 – CTX286215 How to change Logstream source IP to NSIP on ADC.2020 Oct 17 – ADM – added 443/8443 from ADM Agents to ADM2018 June 11 – MAS Firewall – added MAS Floating IP and MAS Agents2018 June 9 – StoreFront to Domain Controllers in Trusted Domains – added rules from Citrix Discussions2018 June 6 – added NSIP firewall rules for NetScaler MAS Pooled Licensing2018 May 24 – updated Director->HDX Insight firewall rules to indicate Director as the source (Source = Luke in the comments)Citrix ADC Firewall RulesFromToProtocol / PortPurposeAdministrator machinesNSIPs (and/or SNIPs)TCP 22TCP 80TCP 443TCP 3010TCP 3008SSH and HTTP/SSL access to NetScaler configuration GUI. TCP 3008/3010 is Java and 3008 is used if traffic is encrypted. Java not needed in 10.5 build 57 and newer.Administrator machinesNetScaler SDX SVM, XenServerTCP 22TCP 80TCP 443To administer NetScaler SDXAdministrator machinesNetScaler Lights Out ModuleTCP 443TCP 623TCP 5900CTX200367NSIPSNIPDNS serversPingUDP 53TCP 53Ping is used for monitoring. Can be turned off by load balancing on the same appliance.NSIPsSNIPNetScaler MASTCP 27000TCP 7279Pooled LicensingNSIPsSNIPNTP serversUDP 123NTPNSIPsSNIPSyslog serverUDP 514SyslogNSIPscallhome.citrix.comcis.citrix.comtaas.citrix.comTCP 443Call HomeNSIPs (default)SNIPLDAP Servers(Domain Controllers)TCP 389 (Start TLS)TCP 636 (Secure LDAP)Secure LDAP requires certificates on the Domain Controllers. Secure LDAP enables password changes when they expire.SNIP if Load Balanced on same applianceNSIPsLDAP ServersTCP 389TCP 636Monitor Domain ControllersNSIPs (default)SNIPRADIUS serversUDP 1812RADIUS is used for two-factor authentication. SNIP if Load Balanced on same applianceSNIPRADIUS serversUDP 1812PingMonitor RADIUS serversNetScaler SDX Service virtual machineNSIPsPingTCP 22TCP 80TCP 443Only if NetScaler VPX runs as a virtual machine on top of NetScaler SDXLocal GSLB Site IPSNIPGSLB Site IP (public IP) in other datacenterTCP 3009TCP 3011GSLB Metric Exchange Protocol between appliance pairsNSIPsGSLB Site IP (public IP) in other datacenterTCP 22TCP 3008TCP 3010GSLB Configuration SyncLocal GSLB Site IPSNIPAll InternetPingUDP 53TCP (high ports)RTT to DNS Servers for Dynamic Proximity determinationSNIPStoreFront Load Balancing VIPTCP 443NetScaler Gateway communicates with StoreFrontSNIPStoreFront serversTCP 80TCP 443TCP 808StoreFront Load BalancingNSIPsStoreFront serversTCP 80TCP 443Monitor StoreFront serversStoreFront serversNetScaler Gateway VIP (DMZ IP)TCP 443Authentication callback from StoreFront server to NetScaler Gateway.SNIPEach individual Delivery Controller in every datacenterTCP 80TCP 443Secure Ticket Authorities. This cannot be load balanced.TCP 443 only if certificates are installed on the Delivery Controllers.SNIPAll internal virtual desktops and session hosts (subnet rule?)TCP 1494TCP 2598UDP 1494UDP 2598UDP 16500-16509HDX ICAEnlightened Data TransportSession ReliabilityUDP AudioAll InternetAll internal usersNetScaler Gateway VIP (public

IntroductionIn the previous article of our series, we discussed how to reduce latency across multi-cloud deployments. If you missed it, you can catch up here. Today, we’re going to discuss a crucial topic: finding the top alternative to Citrix Netscaler. As you all know, Citrix has recently undergone significant changes in management and strategy, focusing on simplifying its product offerings. This shift has brought numerous concerns, including increased support overhead and a lack of support for medium and small customers. Additionally, changes in the licensing model have introduced extra costs for contract renewals, adding to the overall financial burden on organizations.In this context, it’s essential to explore robust alternatives that can offer reliable performance, security, and cost efficiency. One such alternative is Thinfinity Workspace. This article will delve into why Thinfinity Workspace stands out as the top alternative to Citrix Netscaler.Let’s get into the meat of this real quick. Imagine a bustling corporate environment where the IT infrastructure must support hundreds of employees accessing critical applications simultaneously. The performance and reliability of these applications can make or break productivity. This is where Thinfinity® Workspace steps in, offering a robust and flexible solution that addresses the unique challenges faced by large organizations. We’ll delve into the features and benefits of Thinfinity Workspace and see why it stands out as the top alternative to Citrix Netscaler.Understanding Application Delivery Controllers (ADCs)ADCs, or Application Delivery Controllers, play a pivotal role in managing, optimizing, and securing the delivery of applications across networks. They ensure that applications are delivered swiftly, securely, and efficiently to end-users, thus maintaining business continuity and enhancing user experience.Definition and Core Functions of ADCsAn ADC is a device or software appliance positioned between the client and server to manage application traffic. ADCs perform essential functions such as load balancing, traffic optimization, and application acceleration. By distributing client requests across multiple servers, ADCs prevent any single server from becoming a bottleneck, thereby enhancing the performance and availability of applications. Think of an ADC as a traffic cop at a busy intersection, skillfully directing vehicles to different lanes to prevent congestion and ensure a smooth flow of traffic. Similarly, ADCs manage data traffic, directing it efficiently to maintain optimal performance.The Role of ADCs in Modern IT InfrastructureIn the era of cloud computing and distributed applications, ADCs have become indispensable. They not only balance loads but also provide crucial security features such as SSL offloading, Web Application Firewall (WAF) capabilities, and DDoS protection. This comprehensive approach ensures that applications are not only fast but also secure from various cyber threats. Picture an ADC as a skilled conductor leading an orchestra, ensuring each instrument plays harmoniously and at the right time while also safeguarding the entire

Citrix Secure Access (formerly Citrix SSO) app enables secure access to business critical applications, virtual desktops, and corporate data from anywhere at any time, providing an optimal user experience with the NetScaler Gateway.Secure Access features:• Full layer 3 TLS connectivity to NetScaler Gateway using Android VpnService framework• Per-app connection flexibility (Provisioning support through MDM systems)• Android Enterprise managed configuration support• Always-On connection support with client certificate on Android 7.0+• Multi-factor authentication support with client certificate• Seamless session maintenance during network changes• Multi-language support• Built-in support for emailing logsOne Time Password (OTP) features:• One Time Password generator using TOTP protocol• Add/manage OTP tokens using QR Code• Second factor authentication using push notifications• Multi factor authentication with biometrics support on Android 6.0+Requirements:Credentialed access to a NetScaler Gateway installation with release 10.5 or later. Please contact your organization’s IT group for connection information.Citrix Secure Access app in a managed Work Profile or Device Profile:• If you are deploying Citrix Secure Access app in a managed Work Profile or Device Profile, it uses QUERY_ALL_PACKAGES permission. This permission is used by enterprise administrator to provision managed VPN configurations. A managed VPN configuration allows controlled access to the VPN session from specific applications on your Android device from the Work Profile or the Device Profile. It is also advised to pre-grant POST_NOTIFICATIONS permission to Citrix Secure Access app so that it can show VPN status and Push notifications to the user on Android 13 and later devices.Typically, Citrix Secure Access app does not collect any personally identifiable data from managed Work Profile. No information from personal profile is accessed.Languages: Citrix Secure Access app supports English, German, French, Spanish, Simplified Chinese, and Japanese languagesHelp docs:

Pricing not only for their current needs but also for future growth. This reduced their total cost of ownership (TCO) by up to 65%, thanks to lower licensing prices and the absence of hidden costs for features like fault tolerance or high availability. Additionally, the scalable licensing allowed the company to adjust user counts as needed without incurring extra costs, offering previously unattainable financial flexibility. This transparent and cost-effective approach empowered the company to better manage their IT budget and invest in other critical areas, ultimately enhancing their overall operational efficiency and financial health.Thinfinity® Workspace vs. Citrix NetscalerBefore we conclude, let’s take a moment to compare Thinfinity Workspace with Citrix Netscaler across several key areas. This comprehensive table will help you make an informed decision by highlighting the strengths and differences between these two solutions.This will ensure you have all the necessary information to understand why Thinfinity Workspace is an excellent alternative for your application delivery needs. ConclusionAs we’ve explored today, finding a robust alternative to Citrix Netscaler is crucial, especially in light of recent changes at Citrix. These changes have led to increased support overhead, less support for medium and small customers, and additional costs due to new licensing models. Such developments have intensified the financial burden on organizations relying on Citrix for their application delivery needs.Thinfinity Workspace shows up as a top contender to replace Citrix Netscaler, offering several compelling advantages. Its advanced features ensure optimal application performance, while the cloud-agnostic architecture provides flexibility across various environments. Furthermore, Thinfinity Workspace’s transparent licensing model alleviates financial uncertainties, making it a cost-effective solution for enterprises of all sizes.For CIOs, CTOs, and CISOs, transitioning to Thinfinity Workspace is more than just a technical upgrade; it’s a strategic decision that can enhance operational efficiency and provide a competitive edge. The benefits of improved application performance, enhanced security, and significant cost savings make Thinfinity Workspace an excellent choice in the evolving digital landscape.Now is the opportune time to explore Thinfinity Workspace’s capabilities fully and consider how it can meet your organization’s unique application delivery requirements, positioning you for success.

Release Date: Mar 1, 2022 Please read instructions for SD-WAN upgrade procedure at:Installation and Upgrade ProcedureThis release contains several bug fixes. Please see Release Notes for full details. Supported Appliances Standard EditionSD-WAN 110SD-WAN 210SD-WAN 400SD-WAN 410SD-WAN 1000SD-WAN 2000SD-WAN 2100SD-WAN 4000SD-WAN 4100SD-WAN 5100Premium EditionSD-WAN 1000SD-WAN 2000SD-WAN 2100Rebranding Changes:NetScaler SD-WANCitrix SD-WANNetScaler SD-WAN Standard Edition (SE)Citrix SD-WAN Standard Edition (SE)NetScaler SD-WAN Enterprise Edition (EE)Citrix SD-WAN Premium Edition (PE)NetScaler SD-WAN WANOP Edition (WO)Citrix SD-WAN WANOP Edition (WO)NetScaler SD-WAN WANOP ClientCitrix SD-WAN WANOP ClientNetScaler SD-WAN CenterCitrix SD-WAN Center SD-WAN Standard/Premium Edition: Upgrade Package Rel 11.4.3(ZIP) Mar 1, 2022 Checksums SHA-256 - c39e244464fc0cc0c200c922d593a50842ad35d1ff347b1ed5cebe85f353c351 SD-WAN Standard Edition Software Package for Platform 110 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - c050b509d797878e479475938bb01eb28bdd6e47af91b67fb2f642f6c2fa64ba SD-WAN Standard Edition Software Package for Platform 210 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - 2dbe1bd4e2d64c2a526f6a504531f410398501a10c8c835f93836b74cd621602 SD-WAN Standard Edition Software Package for Platform 410 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - 8c2487879b3b82b190ed3a40814426757a15b183ca14d09f622eba6f20268026 SD-WAN Standard/Premium Edition Software Package for Platform 1100 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - 26a7239162579033e5ed084e1ea854888ae5c762428f9b4c83eb04b0b287a23e SD-WAN Standard/Premium Edition Software Package for Platform 2100 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - 7330dcf73961ccf34c4edffa6bd6c1ab991406b6c95ff2da5973ae18f26f21e3 SD-WAN Standard Edition Software Package for Platform 4100 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - 77354abcd25672899cb72a3f2c1e0c1b9ddc2331cfe2ed8401b2057bf3efb1de SD-WAN Standard Edition Software Package for Platform 5100 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - e5837e5378ad7a2f6470bd75d891de27a8e870319fa9f4e95b7a51f4d16b72af SD-WAN Standard Edition Software Package for Platform 6100 Rel 11.4.3 Mar 1, 2022 Checksums SHA-256 - e1cf5c0fca265c0b6cd70008876c6788201d8120c4cf8e34a945c7391ffede52 Editing TipOpen the author dialog to configure the styled link Editing TipOpen the author dialog to configure